Описание
Memory corruption in smallvec
Attempting to call grow on a spilled SmallVec with a value less than the current capacity causes corruption of memory allocator data structures. An attacker that controls the value passed to grow may exploit this flaw to obtain memory contents or gain remote code execution.
Пакеты
Наименование
smallvec
rust
Затронутые версииВерсия исправления
>= 0.6.3, < 0.6.10
0.6.10
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 6 лет назад
An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than the current capacity.
CVSS3: 9.8
nvd
больше 6 лет назад
An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than the current capacity.
CVSS3: 9.8
debian
больше 6 лет назад
An issue was discovered in the smallvec crate before 0.6.10 for Rust. ...